WORKERS AHEAD!
You are viewing the development documentation for the Apereo CAS server. The functionality presented here is not officially released yet. This is a work in progress and will be continually updated as development moves forward. You are most encouraged to test the changes presented.
User-Managed Access Protocol
User-Managed Access (UMA) is a lightweight access control protocol that defines a centralized workflow to allow an entity (user or corporation) to manage access to their resources.

Remember that UMA-related operations that typically
may carry special scopes such as uma_protection
or uma_authorization
must not only be
requested in the initial authorization request, but should also be explicitly authorized in the registered service definition.
To learn more about UMA, please read the specification.
Configuration
Support is enabled by including the following dependency in the WAR overlay:
1
2
3
4
5
<dependency>
<groupId>org.apereo.cas</groupId>
<artifactId>cas-server-support-oauth-uma</artifactId>
<version>${cas.version}</version>
</dependency>
1
implementation "org.apereo.cas:cas-server-support-oauth-uma:${project.'cas.version'}"
1
2
3
4
5
6
7
8
9
dependencyManagement {
imports {
mavenBom "org.apereo.cas:cas-server-support-bom:${project.'cas.version'}"
}
}
dependencies {
implementation "org.apereo.cas:cas-server-support-oauth-uma"
}
1
2
3
4
5
6
dependencies {
implementation enforcedPlatform("org.apereo.cas:cas-server-support-bom:${project.'cas.version'}")
implementation platform(org.springframework.boot.gradle.plugin.SpringBootPlugin.BOM_COORDINATES)
implementation "org.apereo.cas:cas-server-support-oauth-uma"
}
The following settings and properties are available from the CAS configuration catalog:
cas.authn.oauth.uma.core.issuer=http://localhost:8080/cas
UMA issuer. |